diff --git a/playbooks/destroy.yml b/playbooks/destroy.yml index 4b1908a..18a0a8e 100644 --- a/playbooks/destroy.yml +++ b/playbooks/destroy.yml @@ -4,7 +4,7 @@ vars_files: - ../vault.yml tasks: - - name: Destroy + - name: Destroy Terraform. community.general.terraform: project_path: '../terraform' state: "absent" diff --git a/playbooks/install_k8s.yml b/playbooks/install_k8s.yml index 9f2e24d..24aa2e4 100644 --- a/playbooks/install_k8s.yml +++ b/playbooks/install_k8s.yml @@ -179,58 +179,12 @@ value: "true" effect: NoSchedule -- name: Install Hetzner Cloud Controller. +- name: Install `nginx` Controller. gather_facts: false hosts: control vars_files: - ../vault.yml - ../secrets/tf_outputs.yml - tasks: - - name: Create `hcloud` secret. - kubernetes.core.k8s: - name: hcloud - namespace: kube-system - kind: Secret - state: present - definition: - apiVersion: v1 - kind: Secret - metadata: - name: hcloud - namespace: kube-system - type: Opaque - data: - token: "{{ secrets.hcloud_token | b64encode }}" - network: "{{ private_network_id.value | b64encode }}" - - - name: Add Cloud Controller repository. - kubernetes.core.helm_repository: - name: hcloud - url: https://charts.hetzner.cloud - state: present - - - name: Copy over values file. - vars: - values_template: ../templates/HCCMValues.yml.jinja2 - ansible.builtin.template: - src: "{{ values_template }}" - dest: HCCMValues.yml - mode: preserve - - - name: Install it. - kubernetes.core.helm: - name: hccm - chart_ref: hcloud/hcloud-cloud-controller-manager - namespace: kube-system - state: present - update_repo_cache: true - force: true - values_files: [HCCMValues.yml] - - -- name: Install `nginx` Controller. - gather_facts: false - hosts: control tasks: - name: Remove schedule taint to nodes. kubernetes.core.k8s_taint: 
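Review bot: The `Install `nginx` Controller.` play now loads `../vault.yml` alongside `../secrets/tf_outputs.yml`, but the only values this play is shown consuming (in the next hunk) are `variables.*` and `certificate_name.value`; if `variables` is not defined in the vault, the vault is being decrypted into a play that does not need it, and dropping that entry keeps the secrets scoped to the plays that use them. The same hunk removes the Hetzner cloud-controller play, yet `templates/IngressValues.yml.jinja2` still carries `load-balancer.hetzner.cloud/*` service annotations; as far as I can tell those are read by that controller, so without it they are inert and the Terraform-managed load balancer in `compute.tf` becomes the only path — a comment on the play saying which side owns the load balancer would prevent the next reader from re-adding the controller. The play continues past the end of the hunk.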
@@ -251,6 +205,9 @@ - name: Copy over values file. vars: values_template: ../templates/IngressValues.yml.jinja2 + load_balancer_name: "{{ variables.load_balancer_name }}" + network_zone: "{{ variables.network_zone }}" + certificate_name: "{{ certificate_name.value }}" ansible.builtin.template: src: "{{ values_template }}" dest: IngressValues.yml diff --git a/templates/IngressValues.yml.jinja2 b/templates/IngressValues.yml.jinja2 index 11916bb..0eaef6d 100644 --- a/templates/IngressValues.yml.jinja2 +++ b/templates/IngressValues.yml.jinja2 @@ -4,14 +4,13 @@ controller: kind: DaemonSet service: annotations: - load-balancer.hetzner.cloud/name: "hetzner-lb" - load-balancer.hetzner.cloud/location: "fsn1" + load-balancer.hetzner.cloud/name: {{ load_balancer_name }} load-balancer.hetzner.cloud/type: "lb11" load-balancer.hetzner.cloud/ipv6-disabled: "true" load-balancer.hetzner.cloud/use-private-ip: "true" load-balancer.hetzner.cloud/protocol: "https" - load-balancer.hetzner.cloud/network-zone: "eu-central" - load-balancer.hetzner.cloud/http-certificates: "managed_cert" + load-balancer.hetzner.cloud/network-zone: {{ network_zone }} + load-balancer.hetzner.cloud/http-certificates: {{ certificate_name }} load-balancer.hetzner.cloud/http-redirect-http: "true" enableHttp: false targetPorts: diff --git a/terraform/compute.tf b/terraform/compute.tf index 47fd9de..c9ad21b 100644 --- a/terraform/compute.tf +++ b/terraform/compute.tf @@ -51,3 +51,18 @@ resource "hcloud_server" "server" { depends_on = [hcloud_network_subnet.subnet] } + +resource "hcloud_load_balancer" "lb" { + name = "lb-hetzner" + load_balancer_type = "lb11" + network_zone = "eu-central" +} + +resource "hcloud_load_balancer_target" "load_balancer_target" { + for_each = hcloud_server.server + + type = "server" + load_balancer_id = hcloud_load_balancer.lb.id + use_private_ip = true + server_id = each.value.id +} diff --git a/terraform/network.tf b/terraform/network.tf index 701a1ac..84020e9 100644 
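Review bot: `certificate_name: "{{ certificate_name.value }}"` defines a task var in terms of a variable of the same name; task `vars` take precedence over the `vars_files` entry, so templating this looks up the task var itself and Ansible will, as far as I know, report a recursive loop instead of reading the Terraform output. Rename the task var, e.g. `lb_certificate_name: "{{ certificate_name.value }}"`, and reference `{{ lb_certificate_name }}` in `IngressValues.yml.jinja2`. None of the Terraform hunks in this commit adds an output named `certificate_name` (the `variables.tf` hunk only adds a local of that name), so confirm the output exists before relying on `tf_outputs.yml`. `load_balancer_name` and `network_zone` are read from a `variables` map defined outside this diff while `compute.tf` hard-codes `"lb-hetzner"` and `"eu-central"`; exposing those as Terraform outputs and reading them here would keep one source of truth.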
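Review bot: The three templated annotation values are now unquoted plain scalars, `load-balancer.hetzner.cloud/name: {{ load_balancer_name }}` and the two below it, whereas the lines they replace were quoted strings; an expansion that is empty (becomes null), that YAML re-types (a name like `NO` or `1.10`), or that contains `: ` or ` #` will change meaning or break the parse. Keep the quoting: `load-balancer.hetzner.cloud/name: "{{ load_balancer_name }}"`, `load-balancer.hetzner.cloud/network-zone: "{{ network_zone }}"`, `load-balancer.hetzner.cloud/http-certificates: "{{ certificate_name }}"`. The `certificate_name` local introduced in `variables.tf` is `"Main Certificate"`, which contains a space and is safer quoted as the previous value was.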
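Review bot: `hcloud_load_balancer_target.load_balancer_target` sets `use_private_ip = true` but has no ordering with the `hcloud_load_balancer_network.attachment` resource added in `network.tf`; the provider's documented pattern for private-IP targets is `depends_on = [hcloud_load_balancer_network.attachment]`, otherwise the target attach can run before the load balancer is in the network and fail on first apply. The name `"lb-hetzner"` and zone `"eu-central"` are literals here while the Ansible side reads `variables.load_balancer_name`/`variables.network_zone`; moving them into `locals` (as was done for `certificate_name`) and emitting outputs would let both sides agree by construction. Inferred from the hunk: `for_each = hcloud_server.server` adds every server in that map as a target, so if the map also contains the NAT/gateway host referenced in `network.tf`, confirm that is intended.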
--- a/terraform/network.tf +++ b/terraform/network.tf @@ -20,8 +20,9 @@ resource "hcloud_network_route" "gateway" { gateway = local.nat-private-ip } -// A managed certificate for the domain, to be used by the load balancer. -resource "hcloud_managed_certificate" "managed_cert" { - name = "managed_cert" - domain_names = ["*.${local.domain}", "${local.domain}"] +// Attach the load blaancer to the private network. +resource "hcloud_load_balancer_network" "attachment" { + load_balancer_id = hcloud_load_balancer.lb.id + subnet_id = hcloud_network_subnet.subnet.id + ip = local.lb-private-ip } diff --git a/terraform/routing.tf b/terraform/routing.tf new file mode 100644 index 0000000..561c3f7 --- /dev/null +++ b/terraform/routing.tf @@ -0,0 +1,32 @@ +data "hcloud_zone" "zone" { + name = local.domain +} + +// Attach the load balancer to the domain. +resource "hcloud_zone_rrset" "records" { + for_each = toset(["@", "*"]) + zone = data.hcloud_zone.zone.name + name = each.value + type = "A" + ttl = 60 + records = [{ value = hcloud_load_balancer.lb.ipv4 }] + + change_protection = false +} + +// A managed certificate for the domain, to be used by the load balancer. +resource "hcloud_managed_certificate" "main" { + name = local.certificate_name + domain_names = ["*.${local.domain}", "${local.domain}"] +} + +resource "hcloud_load_balancer_service" "load_balancer_service" { + load_balancer_id = hcloud_load_balancer.lb.id + protocol = "https" + + http { + sticky_sessions = true + certificates = [hcloud_managed_certificate.main.id] + redirect_http = true + } +} diff --git a/terraform/variables.tf b/terraform/variables.tf index 3941b78..57aa125 100644 --- a/terraform/variables.tf +++ b/terraform/variables.tf @@ -11,6 +11,8 @@ locals { } domain = "maximhutz.com" + + certificate_name = "Main Certificate" } variable "public_key_file" { diff --git a/vault.yml b/vault.yml index 5dc1e9c..cb4b22a 100644 --- a/vault.yml +++ b/vault.yml 
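Review bot: `ip = local.lb-private-ip` references a local that no hunk in this commit defines (the `variables.tf` hunk adds only `certificate_name`), so unless it already exists in `locals` this will not plan; the only visible neighbour is `local.nat-private-ip`. The added comment also has a typo: `// Attach the load balancer to the private network.`. The managed certificate removed here reappears as `hcloud_managed_certificate.main` in `routing.tf` with a different `name`, which on apply destroys and re-issues the certificate rather than keeping it; a `moved { from = hcloud_managed_certificate.managed_cert to = hcloud_managed_certificate.main }` block would preserve the existing resource if the provider can rename in place.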
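Review bot: `hcloud_load_balancer_service.load_balancer_service` sets only `protocol = "https"`, so the listen port, the destination port on the targets and the health check all come from provider defaults; since the targets are reached by private IP and the ingress controller runs as a DaemonSet, pin the target port explicitly (`destination_port` set to whatever host port the ingress listens on) and add a `health_check` block so a node whose ingress pod is down is taken out of rotation. `change_protection = false` on both the `@` and `*` records means any apply can rewrite the apex and wildcard DNS for the domain; that is the default but deserves a comment, because the wildcard sends every subdomain to this load balancer. The `hcloud_zone` data source has no comment; `// Hetzner DNS zone for the domain; the records below are managed in it.` would help.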
@@ -1,36 +1,40 @@
 $ANSIBLE_VAULT;1.1;AES256
-66346130316130363833656139333733306135303061323864643937636639326333316235303262
-3236323131623963633431333334663933653665376635360a383561366230666365323732383032
-32643731613032616362313561633337336266633161326636366363346638613638643830316438
-6130653230323362330a316231346462323366386539316566653139633937326364363030663631
-31343239663464363366363261616631383935323161636630646132316230646332613461323366
-31393235623932636366373961313538663733363565663363346534363063396632336261356265
-34633064383364393664336639653461636666393662633031616165396537396466643461393862
-64613862616663343565393836333834393463623335643139373966366236363262646461666365
-38373331613461376431343934333761333436373664623831366261363835323437363033386363
-36633862343134323130656465386462646235393833376563343161313130333536333733636636
-66353162393639343765396464666130306530333030386564363361356364616338363865636565
-33393233636631643563316336653461343733313266653433316265383661653264626666393830
-39666239333965383464653766333263306439653231653163323130333437336432353666366531
-64613737346336643263306538353131343030356164323237623937633238666336306165646231
-38383837313963626531653236376530313563363333313330653439393733396136333937313061
-36386131396337313131333730326639366439373933626130626537353265306434666265373063
-32313832613632346563346565656366336430663762316437376461656639346634306663326165
-34653534623031396564326563303132626562326131666337643839633366306462643436323635
-66666665383332336636356639373863663237303064386533653837636466313461376438383238
-39616434363263646235336432323139326139346364616431626532313861666266373836396363
-33356137363130396237353931316137653066303930353733356432356664636431306165646136
-37643666373532393936333064306661363331666332336363623430366435313962646563616261
-34613166393764343830303733333033643563333032303536326131323461383535353134643036
-38306531383135633431633863346465613333663433343433363633636439326636643938373265
-65643066646364613230396536623537663961356531653164303134383736323064363637353738
-31356630376635633930353239306633326432383031373632346234373536666431653963653566
-35353163373938383736396135386266653636383066636637376238316139346239653234363830
-64663432663339346634323366366138306133326562643736373964326265393537326663386364
-61373039313739343031623134613435656461616165386430366333346161666530376338663961
-32353231656162393138653837663863653562626236393630316635363537306130346238313161
-64613566363163363966653533333664643633656533613939616533336136376635333336333233
-39373638363538636632656133363864653136613231613532313531643565396237306338353263
-33616132666364663036643437326463633265316236323835323039336361393739653361373632
-37336162353635643333373937346333373433346333613133633936616430666637613235623937
-636334616134303130303561633437353736
+62656134326239313562396138346634316530303635353562616163323836666132616565366336
+3035353733653832316165356663303264396439393232390a666465306363356335383734616438
+37313833663535356163616666343933303363383462353064633538333433373431663161626230
+3962303165346162360a626536313165643466343965633431343833653163656266396535656232
+35653139613737336431323733616533363531616131613965663534343938396661336331376633
+62306130323131626435303262326261376630616433613363363536663638306261643734363661
+66366631393034653536343163313862623733316465376533313030393761363033376536643861
+63313735343033656332333838343532343236623435303135383033306131313930316137613634
+37386339313530353534343162613733333935333136656134623862323861653739353636366363
+38656565643437663330353366636331316337626438323162393838346534393063386338326336
+64373030336466376432386334653737313461626264396431613330393938316230623235663962
+62323431626261386238363163646662336134373534376632653431396532626438613830396164
+34663434656131336265353336633930666230323131633130373833396230313634646134353464
+30373537623939316565393966376439336465623330353037303536306632646361643437306139
+36393232623236613737336263396138376336396335316465663661613635636232383435666230
+65333361656337653135363239346264613530626231636635303466326331323832383337626534
+64306630306531393461356535336136323833643735353232343336623830656563616663353933
+34656562626238343030383833326333323463306634616333303531633832326532316664383837
+65343463323837376630323663323961636631376535313538646462626130653431306563323137
+35616335333265306366376532353861643935663764326334313035323432343361306639643633
+62643932303161326634656463633166643062363262303665633261303730353438633834326432
+63386439653266333561336432653737316538333330613662356535363162633635663039646430
+31363866396265613639333266636532373438366430663632633061663736366366623061313765
+37313932613339643731616263656636303439633637623935333136353866303361396230393632
+37316566303932336361653335353632353161353864616361326665393065363736363430666464
+62656333393632313664653837393335353662363965313238633131313631373534313336613831
+33313762316330653835616637323134656536626661343833373336363430633836663831643563
+39303364656638306661616537623538663230326639643533306538353435626336383435633836
+35656633313436623733666464346337343664393236336535616135333032363034666333316233
+65363537633630356662353034613935366330643361393631353561643062376239343363646462
+38633335356234396334313265393235636337663365646533343234323634646166623038343266
+32646432653731383366616333633862643531303633613136386331383365376633343935666563
+33363035356365626263646132353631653336383939646538393336393463626632663661663962
+63656238353463356665633964316135646264333262633862643234313035386230666661643733
+65396534636365356130356463393634646136373362343334636138633531383135333637323635
+35366131353261643661373366653838373238343732633430653862613134386565303765326166
+32386465336231666564653361653235646231623065643738613939353439323430656236613633
+63333034303863633036613662313238383430373365353637323062363363303461333766373164
+393133613238363662663335626561393630